[FEAT] 移除「商品狀態」冗餘模組、優化麵包屑導航與完善帳號角色過濾邏輯
@@ -25,15 +25,6 @@ class DataConfigController extends Controller
|
||||
]);
|
||||
}
|
||||
|
||||
// 管理者可賣商品
|
||||
public function adminProducts()
|
||||
{
|
||||
return view('admin.placeholder', [
|
||||
'title' => '商品狀態',
|
||||
'description' => '管理者商品銷售權限',
|
||||
]);
|
||||
}
|
||||
|
||||
|
||||
// 子帳號管理
|
||||
public function subAccounts()
|
||||
|
||||
@@ -315,8 +315,8 @@ class PermissionController extends Controller
|
||||
|
||||
// 驗證角色與公司的匹配性 (RBAC Safeguard)
|
||||
if ($company_id !== null) {
|
||||
// 如果是租戶帳號,不能選超級管理員角色
|
||||
if ($role->is_system && $role->name === 'super-admin') {
|
||||
// 如果是租戶帳號,絕對不能指派超級管理員角色 (super-admin)
|
||||
if ($role->name === 'super-admin') {
|
||||
return redirect()->back()->with('error', __('Super-admin role cannot be assigned to tenant accounts.'));
|
||||
}
|
||||
// 如果角色有特定的 company_id,必須匹配
|
||||
@@ -324,7 +324,7 @@ class PermissionController extends Controller
|
||||
return redirect()->back()->with('error', __('This role belongs to another company and cannot be assigned.'));
|
||||
}
|
||||
} else {
|
||||
// 如果是系統層級帳號,只能選系統角色 (is_system = 1)
|
||||
// 如果是系統層級帳號,只能選全域系統角色 (is_system = 1)
|
||||
if (!$role->is_system) {
|
||||
return redirect()->back()->with('error', __('Only system roles can be assigned to platform administrative accounts.'));
|
||||
}
|
||||
@@ -408,7 +408,8 @@ class PermissionController extends Controller
|
||||
// 驗證角色與公司的匹配性 (RBAC Safeguard)
|
||||
if ($user->id !== auth()->id()) { // 排除編輯自己 (super-admin 有特殊邏輯)
|
||||
if ($target_company_id !== null) {
|
||||
if ($roleObj->is_system && $roleObj->name === 'super-admin') {
|
||||
// 租戶層級排除 super-admin
|
||||
if ($roleObj->name === 'super-admin') {
|
||||
return redirect()->back()->with('error', __('Super-admin role cannot be assigned to tenant accounts.'));
|
||||
}
|
||||
if ($roleObj->company_id !== null && $roleObj->company_id != $target_company_id) {
|
||||
@@ -416,7 +417,7 @@ class PermissionController extends Controller
|
||||
}
|
||||
} else {
|
||||
if (!$roleObj->is_system) {
|
||||
return redirect()->back()->with('error', __('Only system roles can be assigned to platform administrative accounts.'));
|
||||
return redirect()->back()->with('error', __('Only global system roles can be assigned to platform administrative accounts.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
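Review bot: In the update path (hunk at -408) the whole safeguard, including the new `if ($roleObj->name === 'super-admin')` check, sits inside `if ($user->id !== auth()->id())`, so none of the role/company checks run when a user edits their own account. The inline comment says super-admin has special logic, but that logic is outside the hunk; unless it rejects role changes for every non-super-admin self-edit, a tenant user could submit an arbitrary role for themselves unchecked, so the skip should be narrowed to the super-admin case. If the skip is intentional, say where the self-edit role is validated with a comment such as `// self-edit: role change is validated in <method>, RBAC safeguard intentionally skipped`. In the tenant branches (hunks at -315 and -408) only the literal name `'super-admin'` is rejected, so any other role with `is_system` set and a null `company_id` still passes the company match; please confirm that is intended. The store path also still returns `'Only system roles can be assigned…'` while the update path now returns `'Only global system roles can be assigned…'`, so the two messages and their translation keys have diverged.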
@@ -297,6 +297,20 @@ class ProductController extends Controller
|
||||
}
|
||||
}
|
||||
|
||||
public function toggleStatus($id)
|
||||
{
|
||||
try {
|
||||
$product = Product::findOrFail($id);
|
||||
$product->is_active = !$product->is_active;
|
||||
$product->save();
|
||||
|
||||
$status = $product->is_active ? __('Enabled') : __('Disabled');
|
||||
return redirect()->back()->with('success', __('Product status updated to :status', ['status' => $status]));
|
||||
} catch (\Exception $e) {
|
||||
return redirect()->back()->with('error', $e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
public function destroy($id)
|
||||
{
|
||||
try {
|
||||
|
||||
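Review bot: `toggleStatus()` loads the record with `Product::findOrFail($id)` and saves it with no authorization or tenant check visible in the hunk, so unless a route middleware, policy or global scope on `Product` (none shown here) restricts the lookup, any account that can reach the route can flip `is_active` on another company's product by changing the id. I would add an explicit check before the write, e.g. `$this->authorize('update', $product);` if a product policy exists, or scope the query to the caller's company. The catch block also flashes `$e->getMessage()` to the browser, which can expose model class names or SQL error text and turns the not-found case into a redirect; prefer `report($e);` followed by `return redirect()->back()->with('error', __('Failed to update product status.'));`. The route definition is not on this page, so confirm it is registered as a state-changing verb (POST/PATCH) behind CSRF protection rather than GET.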